The Mole: Message Management Tricks

In which the Mole addresses event logging magic and copying groups.

07/01/2000

Dear Mole,
I was just doing some searching on TechNet for information
on a particular error that showed up in the event log
of one of our servers and I somehow got directed to an
issue of The Mole. Since I was having little luck with
my search, it dawned on me that the possible solution
to my problem was right in front of me: Ask the Mole!
I’ve compiled a list of events
that have appeared on our servers that I was unfamiliar
with. What I want to do is understand everything that
happens so I know what errors are important and which
can be ignored. My question to you: What is the fastest
way to track down information on these errors? Is there
some master Event ID list somewhere? Perhaps there’s a
little routine you could outline that would speed up my
resolution of these event log errors?
Thanks for listening,
—Mike Mirkovich, Jr.
Network Engineer

Hi Mike,
Obviously, you’re a most resourceful kind of guy. And
Mole’s got a few more tricks to add to your magic bag.
Two of them live in the Windows NT 4.0 Workstation Resource
Kit.

The first one is the “Windows NT Messages” help file.
The second is the Windows NT Event Log Database, which
is in a Microsoft Access database format. You can filter
and search the database on such things as Event ID or
error text. Makes a great gift for your favorite NT administrator,
whom Mole assumes is yourself.

Then, of course, there’s the trusty KnowledgeBase, or
“KB” to its familiars. Using a query like the following
should provide any articles that address the error in
question:

event id 1234

Happy searching and thanks for the strokes.

Stop Typing Now! You Can Copy Groups From
Machine to Machine

Munificent Mole, I’ve discovered your molehill
musings! Might you marshal your multifarious mining methods
to mitigate my morning’s misery?
My current perplexity is over
the quickest way of setting up a new NT 4.0 SP4/IIS Web
server for a company intranet. We’re outgrowing our existing
(NT 4.0 SP3/IIS) server’s speed and capacity so we’re
upgrading the hardware. We have about 1,600 users configured
in user manager, and each user has a directory with multiple
user permissions settings (group related—for example,
if user A is part of parent group 1, that directory needs
permissions set for User A and Parent Group 1).
Is it possible to transfer the
User Manager data from one machine to the second and keep
the ID, password, and other info intact? And is it possible
to copy to the new system the directories and files while
maintaining their security settings as configured on the
“old” server? Or am I (the non-10-fingered-touch-typist)
stuck with a month’s work of manual reentry and recreating
permissions?
A network guru friend mentioned
scopy.exe as being a possibility, but didn’t have any
firsthand experience with it; and a search of the online
Knowledge Base gave me an article on scopy as it related
to “Keeping NTFS Security Intact When Moving a PO” (Q127954),
not exactly enlightening to me regarding my NT/IIS issues;
another techie mentioned cloning via manipulating these
two machines as PDC/BDCs—but as I understand, that requires
identical hardware (and SP versions?) on each box.
Magnificent Mole, is there a
way to worm out of such a laborious manual recreation?
My digits are degraded from dredging for “de info” while
fearing future finger fatigue...
Thanks,
—Eugene
Sr. Web Guy

Dear Mole,
On my stand-alone NT 4.0 server, I have over 400 users!
Now I want to copy all users on the stand-alone server
to a new PDC Server. Is it possible?
Best Regards,
—Enrico Iozzi

Gentlemen,
Yes, Mole can help reduce your keyboarding burdens, although
Eugene’s problem of excessive alliteration, which Mole
suspects derives from stuck m, f, and d keys, is beyond
his expertise. (Mole does, however, salute your ingenuity
in turning this bug into a feature of your style.)

Now, back to software. And the answer is, yes. Yes, Eugene.
Yes, Enrico. Yes. Yes. Yes. (Mole loves saying, “Yes.”
It sits so much more nicely in the mouth than “No.”) Furthermore,
yes, and at no additional cost. A yes made in heaven.
Your guardian angels are, respectively, a command already
available to you in the NT system, and a utility from
the NT 4.0 Resource Kit.

Eugene, you say that your users belong to specific groups.
To copy or transfer Users from one machine to another,
you can use the grpcopy.exe tool. Mini-blurb about this
tool: grpcopy allows users to copy user names from an
existing group to another group, in the same domain or
in another domain, or on a computer running NT. To use
grpcopy, you must have at least account operator privileges
in the affected domains.

Next, your friend was on the right track by suggesting
the scopy utility. However, scopy has been replaced with
the “xcopy” utility which does the same thing as scopy
did. xcopy has been there for you all along—just go to
a command prompt on an NT machine. To get a peek at the
available switches for xcopy, type the following at the
command prompt:

xcopy /?

xcopy copies files and directories from NTFS partitions
with their security intact.

Other Resource Kit utilities that might be useful to
you are:

Permcopy.exe—Copies share-level
permissions (ACLs) from one share to another.

ShowACLs—Enumerates access
rights for files, folders, and trees. ShowACLs works
on NTFS partitions only. The most useful feature of
ShowACLs is the ability to show permissions for a particular
user.

Perms.exe—Displays a user’s
access permissions for a specified file or set of files.
To use Perms, you need “Backup files and folders” privileges
on the computer where the files are stored, and you
must be logged on as a member of the Administrators
group for the domain or computer where the user account
is defined. Otherwise, “Access denied” errors may occur.